SAP Security / GRC Lead (Access Control & SoD) in Cowbridge

Location: Home based with travel to client sites.

Vetting: Due to security clearance requirements candidates must be eligible for or currently hold SC and be UK nationals.

An exciting opportunity has arisen for an experienced SAP Security & GRC Lead to join our team to define and govern the enterprise security and risk framework across S/4HANA, SAP BTP, cloud applications, and hybrid identity platforms. The role serves as the strategic link between security architecture, business stakeholders, auditors, and delivery teams. You will modernize SAP security using SAP GRC 2026, establish a secure‑by‑design control model, and introduce AI-driven automation for access governance and continuous monitoring. Strong SAP GRC expertise and leadership are essential to guide global teams through audits, remediation, and risk reduction.

What You’ll Do:

• Lead the implementation or migration of SAP GRC 2026, consolidating Access Control, Process Control, and Risk Management into one HANA-native platform.
• Architect and maintain a comprehensive S/4HANA and Fiori/UI5 security model, including role design, OData V4 protection, and SAP BTP authorization concepts.
• Deploy SAP Joule and generative AI to automate access requests, SoD analysis, risk detection, and automated control rule generation.
• Manage enterprise access governance through SAP Cloud IAG, integrating hybrid environments with platforms such as Microsoft Entra ID.
• Transition organizations from periodic audits to Continuous Controls Monitoring (CCM) using HANA’s in-memory analytics for real‑time risk visibility.
• Drive compliance with global regulatory frameworks: SOX, GDPR, J‑SOX, NIS2, and DORA.
• Integrate security workflows with SAP Enterprise Threat Detection (ETD) for real‑time security alerts, anomaly detection, and log monitoring.
• Lead global onshore/offshore teams and serve as the senior interface for auditors, risk committees, and C‑suite stakeholders during compliance and remediation cycles.

What We Are Looking For:

• Strong SAP Security & SAP GRC experience, including 2+ full S/4HANA implementations as a Lead.
• Deep functional and technical expertise in GRC Access Control (ARA, ARM, EAM, BRM), Process Control, and Risk Management.
• Hands‑on experience with SAP IAG, SAP BTP security concepts, and integration across SaaS systems (SuccessFactors, Ariba, Concur, etc.).
• Strong knowledge of SAP HANA database security, including encryption, passwordless authentication, and HANA‑native authorization objects.
• Proven ability to define enterprise security architecture aligned with Clean Core and 2026 SAP security standards.
• Excellent communication, documentation, and stakeholder management skills with experience working directly with auditors and compliance teams.

Desired Skills:

• SAP Certified Technology Professional – System Security & GRC.
• CISA (Certified Information Systems Auditor) or CRISC (Risk & Information Systems Control).
• CISSP (Certified Information Systems Security Professional).
• Azure/AWS/GCP identity or security certifications (added advantage).

About DXC:

At DXC, you’ll join a team that values innovation, collaboration, and impact. We work with major global clients to solve complex challenges and build digital solutions that power transformation. You’ll have the opportunity to grow your SAP expertise, share your ideas, and be part of a culture that celebrates continuous learning. You will also benefit from our Flexible Benefits Package including flexible options for private medical insurance, dental, travel cover, and more. You will also have access to exclusive discounts on restaurants and everyday purchases.

Employee Benefits:

As part of our competitive remuneration package, flexible benefits are available. There is an option to “flex up and down” on specific benefits, for example buy or sell annual leave, Private Medical Benefit, Dental and Travel Insurance. You will also have access to ‘Perks at Work’, a discount store to purchase gift cards at reduced rates and get discounts on holidays, restaurants, activities, groceries and more.

What’s Next:

If you’re ready to define modern SAP security architecture and lead global governance initiatives, this is your next move. Apply now!

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritises in‑person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.